Category: Privacy

April 18, 2024

Will the U.S. finally join most developed nations and pass a comprehensive federal privacy law? Some believe this may be the year that the U.S. does just that. Calls for passage of a comprehensive U.S. federal privacy law have come […]

April 11, 2024

U.S. Senate and House committee chairs took a decisive step toward enacting national data privacy legislation with the release (in draft) of the American Privacy Rights Act (APRA) on March 31. Sen. Maria Cantwell, D-Wash., and Rep. Cathy McMorris Rodgers, […]

April 9, 2024

Washington’s new data privacy statute, “My Health, My Data Act” (“MHMD” or the “Act”), officially became fully effective on March 31, 2024, for regulated entities under the Act, while small businesses have until June 30, 2024, to comply. The purpose […]

April 5, 2024

The recent enactment of SB 19 (the Oregon Consumer Privacy Act or “OCPA”) will have varying impacts on a large portion of businesses (including nonprofits) operating within Oregon –especially those with websites. For those businesses required to follow the OCPA, […]

April 3, 2024

As a general rule, court proceedings and the related documents are open to the public. There is an important reason for that: justice must not only be done, it must be seen to be done. But what if that would […]

March 25, 2024

1. What’s New? The big news last week was three bills passing out of a state chamber. In Vermont, Representative Priestley’s H.121 unanimously passed the House on March 22. As we noted last week, this general consumer data privacy bill […]

March 25, 2024

As we progress deeper into the 2024 legislative session, developments in the comprehensive privacy law arena have continued apace. In the weeks since our last update, New Hampshire formally joined the ranks of states with comprehensive data privacy laws on […]

March 20, 2024

Last week, Utah Governor Spencer J. Cox signed three privacy-related bills into law. The bills are focused on, respectively, protection of motor vehicle consumer data, regulations on social media companies with respect to minors, and access to protected health information […]

March 18, 2024

As your company grows, so do the risks of errors and missteps. Integrating new technologies across different teams and facets of your business brings countless opportunities, but the risk of privacy infringements rises, too. Take AI, for example: Last year, […]

March 14, 2024

Enacted in 1998, Illinois’ Genetic Information Privacy Act (GIPA) governs the confidentiality and use of genetic testing and genetic information by employers and insurers. The statute was designed to prevent employers and insurers from using genetic testing and information as […]

March 12, 2024

On February 28, 2024, the Biden administration announced the creation of a new national security regulatory regime that will prohibit or restrict certain transactions involving bulk sensitive US personal data or government-related data and specified “countries of concern.” The Biden […]

February 28, 2024

This month the EDPB shed light on the question of lead supervisory authorities. The issue arose in response to a question late last month from the French supervisory authority. Some background. As most international organizations are aware, GDPR provides for […]

February 27, 2024

On Friday, February 9, as the country collectively packed up and prepared to head home for Super Bowl weekend, the Third Appellate District of the California Appellate Court issued an Order granting the California Privacy Protection Agency (the Agency) the […]

February 27, 2024

The Brazilian Data Protection Law (LGPD) in effect since 2020 is starting to show its effects in the litigation landscape. Although the Brazilian National Data Protection Agency (ANPD) has been fairly active since it started operating in 2021 to promote […]

February 22, 2024

During the COVID-19 pandemic, schools were forced to pivot from in-person education to online learning, many using the billions of dollars of federal government pandemic aid to invest in EdTech, software, and other technology. EdTech’s rapid adoption quickly became a […]

February 21, 2024

On February 21, 2024, the California Attorney General announced that it had reached a settlement with a company, resolving allegations that the company violated the California Consumer Privacy Act (CCPA) and California Online Privacy Protection Act (CalOPPA). This is only […]

February 21, 2024

After a successful appeal of a June ruling, the California Privacy Protection Agency (CPPA) is authorized to begin immediate enforcement of privacy regulations developed, and expanded, under the California Privacy Rights Act of 2020 (CPRA). Any company that has been […]

February 20, 2024

Authorities opened an investigation after Uber drivers in France sent complaints to the French privacy protection commission, the CNIL. The CNIL transferred the handling of the complaints to the Dutch Data Protection Authority, since Uber BV is incorporated in the […]

February 19, 2024

As we discussed last year, the Federal Trade Commission (FTC) has increased its focus and its enforcement related to the Children’s Online Privacy Protection Act (COPPA), especially in the educational context. Now the FTC is taking further steps to secure […]

February 15, 2024

If you have been relying on last year’s court order staying the ability of the California Privacy Protection Agency (CPPA) to enforce regulations promulgated under the California Privacy Rights Act (CPRA) to also stay your own CPRA compliance program — […]